What you’ll be doing:
- Perform application and network vulnerability assessments, penetration tests, and red team exercises using automated tools and manual techniques.
- Identify and prioritize vulnerabilities within application source code or running applications.
- Review application source code in multiple languages (such as PHP, C, C++, .NET) using automated tools and manual techniques.
- Partner with development engineering to ensure security is considered in the design phase for all applications (i.e., threat modeling).
- Provide training and guidance to development teams on secure coding practices and vulnerability remediation.
- Utilize and maintain security tools such as vulnerability scanners, penetration testing frameworks, and other security assessment tools.
- Develop and deliver presentations to stakeholders, including senior management, technical teams, and non-technical audiences.
What we’re looking for:
- 3-5 years of experience in vulnerability assessment, penetration testing, or a related role.
- Relevant certifications such as OSCP, CEH, eWPT, eJPT are preferred.
- Proficiency in scripting or programming languages (e.g., Python, PowerShell, Bash).
- Must understand development languages and their concepts, such as PHP, C, C++, .NET.
- Strong knowledge of security principles, techniques, and tools.
- Knowledge of OWASP Top 10 (Web, API), OWASP methodologies and guidelines.
- Excellent technical communication and analytical skills.
- Participation in bug bounty programs and/or Capture the Flag (CTF) competitions is preferred, to demonstrate practical skills in finding and exploiting vulnerabilities.
- Excellent time management and organization skills with an aptitude towards creative problem solving.
- Proven ability to develop successful partnerships with internal and external stakeholders.
- Ability to guide the engineering organization on threat modeling and its recommendations.
- Strong presentation skills with the ability to convey complex information to a variety of audiences.
- Highly developed oral and written communication skills.
- Experience supporting global organizations is preferred.